Sandboxie: "Locking Down" USB Ports & DVD/CD-RW/ROM's

Sandboxie: "Locking Down" USB Ports & DVD/CD-RW/ROM's

I have not yet tried using Sandboxie to "lock down" the DVD/-RW's Drives and USB Ports of my Home PC's. However, someone has asked me if Sandboxie can be used effectively to stop Malware from infecting Servers when USB Flash Drives/USB hard drives/DVD-RW's are used. Is it possible to set-up Sandboxie to perform this Task effectively? If yes, how would you go about configuring Sandboxie for this Task?

Please give other suggestions for using Sandboxie in a Server Environment. These Servers do not have Internet Access.

Operating Systems: Windows XP Pro (32 bit) & Windows 2003 Server (32 bit)
Antivirus Software: McAfee VirusScan Enterprise 8.7i

Thanks in Advance.

 

I am not to sure what locking down means but if you mean how to use SBIE to keep anything from running when a USB, CD or DVD is inserted in your computer, then you can do it by adding "nosbiectrl" in Start/Run restrictions of the forced folder sandbox that you are using for those drives.

If you do that, nothing is gonna run but SBIE will issue Msg 1308. If what you want is keep others from using those drives, make sure you disable Msg 1308. The person trying to use the drive wont have a clue about whats going on unless is someone that knows how to use SBIE.

Bo

 

Is it possible to auto-sandbox CD drives, USB sticks etc?

 

Last night I experimented with using "Forced Folders" in Sandboxie. I added explorer.exe to the Start/Run Access, used "Drop Rights" and added H:\ to the "Forced Folders". I attached a USB Flash Drive containing some exe's. I tried to run a couple of different exe's and Sandboxie blocked their execution.

 

It is what I do.

I set USB pendrive to 'Forced Folders' to avoid usb based malware from running unsandboxed. It protect very well these kind of malware.

I have some folders in my pendrive that I want allow to change, create or delete files that are inside it; for that I set 'OpenFilePath' to that folders.

 

Yes, add the letter of the drive that you want to open sandboxed automatically using the Forced folder feature. I use separate sandboxes, one for USB drives and another one for CD/DVD drives. Works great.

Bo

 

thanks